The following Fedora 25 Security updates need testing: Age URL 177 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d79ba708cb exim-4.87.1-1.fc25 76 https://bodhi.fedoraproject.org/updates/FEDORA-2017-e2d17af41e python-XStatic-jquery-ui-1.12.0.1-4.fc25 20 https://bodhi.fedoraproject.org/updates/FEDORA-2017-7dbbbafea6 runc-1.0.0-7.git6394544.fc25.2 15 https://bodhi.fedoraproject.org/updates/FEDORA-2017-ec3c82e64d libstaroffice-0.0.3-3.fc25 15 https://bodhi.fedoraproject.org/updates/FEDORA-2017-5d7498559f nodejs-brace-expansion-1.1.7-1.fc25 12 https://bodhi.fedoraproject.org/updates/FEDORA-2017-63789c8c29 tomcat-8.0.44-1.fc25 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-bcfa3569d6 libmwaw-0.3.11-3.fc25 4 https://bodhi.fedoraproject.org/updates/FEDORA-2017-62aacc1474 mercurial-3.8.1-3.fc25 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-a66e2c5b62 chromium-native_client-59.0.3071.86-1.20170607gitaac1de2.fc25 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-f68c93aaac kmail-16.12.3-2.fc25 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-bb1ecba1bc kf5-messagelib-16.12.3-2.fc25 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-a11f853361 kdepim4-4.14.10-31.fc25 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-ba1399832b c-ares-1.13.0-1.fc25 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-f0509fbf37 wireshark-2.2.7-1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-bff1b87765 webkitgtk4-2.16.4-1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-d7bc1b3056 kernel-4.11.6-201.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-0639fb1490 openvpn-2.4.3-1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-708adeb9b6 libsndfile-1.0.28-3.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-0d636042ef drupal8-8.3.4-1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-cfd8b2bb23 php-horde-Horde-Image-2.5.0-1.fc25 The following Fedora 25 Critical Path updates have yet to be approved: Age URL 20 https://bodhi.fedoraproject.org/updates/FEDORA-2017-613a72e282 lorax-25.22-1.fc25 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-d530a04779 pcre2-10.23-8.fc25 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-a83e0e61d6 fwupd-0.9.4-1.fc25 5 https://bodhi.fedoraproject.org/updates/FEDORA-2017-2a026bd3a1 audit-2.7.7-1.fc25 5 https://bodhi.fedoraproject.org/updates/FEDORA-2017-fc2e82175e gstreamer1-vaapi-1.10.5-1.fc25 gstreamer1-plugins-ugly-free-1.10.5-1.fc25 gstreamer1-plugins-bad-free-1.10.5-1.fc25 gstreamer1-plugins-good-1.10.5-1.fc25 gst-editing-services-1.10.5-1.fc25 python-gstreamer1-1.10.5-1.fc25 gstreamer1-rtsp-server-1.10.5-1.fc25 gstreamer1-plugins-base-1.10.5-1.fc25 gstreamer1-1.10.5-1.fc25 3 https://bodhi.fedoraproject.org/updates/FEDORA-2017-bd92718a5a pungi-4.1.16-3.fc25 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-82f4a3afee storaged-2.6.2-6.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-e9d4c821e2 flatpak-0.9.6-1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-c71743bffc acl-2.2.52-13.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-708adeb9b6 libsndfile-1.0.28-3.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-0f7cdf3e04 curl-7.51.0-7.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-d7bc1b3056 kernel-4.11.6-201.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-bff1b87765 webkitgtk4-2.16.4-1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-77b1d08ef3 gtk3-3.22.16-1.fc25 The following builds have been pushed to Fedora 25 updates-testing acl-2.2.52-13.fc25 ardour5-5.10.0-1.fc25 autocloud-0.7.1-3.fc25 cinnamon-3.4.2-1.fc25 cinnamon-desktop-3.4.2-1.fc25 cinnamon-screensaver-3.4.1-1.fc25 cinnamon-session-3.4.1-1.fc25 cinnamon-settings-daemon-3.4.2-1.fc25 cloud-init-0.7.9-6.fc25 cri-o-1.0.0.alpha.0-0.git5dcbdc0.fc25.2 curl-7.51.0-7.fc25 datagrepper-0.8.0-1.fc25 drupal8-8.3.4-1.fc25 esptool-2.0-1.fc25 flatpak-0.9.6-1.fc25 golang-github-godbus-dbus-3-0.7.git3725288.fc25 gtk3-3.22.16-1.fc25 hyperrogue-9.4-1.n.fc25 kernel-4.11.6-201.fc25 libsndfile-1.0.28-3.fc25 mingw-gdk-pixbuf-2.36.6-1.fc25 mingw-glib2-2.50.3-1.fc25 mingw-gtk3-3.22.16-1.fc25 mint-y-icons-1.0.8-1.fc25 mutt-1.8.3-1.fc25 nautilus-sendto-3.8.5-1.fc25 nemo-3.4.3-2.fc25 openvpn-2.4.3-1.fc25 pdc-client-1.2.0-3.fc25 perl-RDF-Trine-1.018-1.fc25 perl-Term-Completion-1.00-10.fc25 perl-Type-Tiny-1.002001-1.fc25 php-aws-sdk3-3.30.0-1.fc25 php-horde-Horde-Image-2.5.0-1.fc25 php-pecl-xdebug-2.5.5-1.fc25 python-argh-0.26.1-5.fc25 python-datanommer-consumer-0.8.0-1.fc25 python-datanommer-models-0.8.0-1.fc25 python-fedimg-0.7.2-1.fc25 rpmdeplint-1.3-2.fc25 skopeo-0.1.22-1.git5d24b67.fc25 sugar-speak-54-1.fc25 webkitgtk4-2.16.4-1.fc25 xorgxrdp-0.2.2-1.fc25 Details about builds: ================================================================================ acl-2.2.52-13.fc25 (FEDORA-2017-c71743bffc) Access control list utilities -------------------------------------------------------------------------------- Update Information: - setfacl.1: document the meaning of '-' in perms (#1337039) - avoid failure of %%check when building as root (#1085389) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1085389 - internal test suite fails when rebuilding the source RPM https://bugzilla.redhat.com/show_bug.cgi?id=1085389 [ 2 ] Bug #1337039 - setfacl.1 man page is incomplete https://bugzilla.redhat.com/show_bug.cgi?id=1337039 -------------------------------------------------------------------------------- ================================================================================ ardour5-5.10.0-1.fc25 (FEDORA-2017-2606aef270) Digital Audio Workstation -------------------------------------------------------------------------------- Update Information: New upstream release. See [Ardour 5.10 released](https://community.ardour.org/node/15114) for details. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1462037 - ardour5-5.10 is available https://bugzilla.redhat.com/show_bug.cgi?id=1462037 -------------------------------------------------------------------------------- ================================================================================ autocloud-0.7.1-3.fc25 (FEDORA-2017-4f1d794511) A test framework to test Fedora cloud images -------------------------------------------------------------------------------- Update Information: Add python2-fedfind ---- updates to 0.7.1 -------------------------------------------------------------------------------- ================================================================================ cinnamon-3.4.2-1.fc25 (FEDORA-2017-4349ca6a71) Window management and application launching for GNOME -------------------------------------------------------------------------------- Update Information: ............... ---- Bug fix -------------------------------------------------------------------------------- References: [ 1 ] Bug #1463445 - cinnamon-themes-2017.06.20 is available https://bugzilla.redhat.com/show_bug.cgi?id=1463445 [ 2 ] Bug #1398991 - Desktop Icons disappearing if position changed and stored on file ~/.config/nemo/desktop-metadata https://bugzilla.redhat.com/show_bug.cgi?id=1398991 [ 3 ] Bug #1459980 - [abrt] cinnamon-screensaver: stage.py:401:after_power_state_changed:AttributeError: 'NoneType' object has no attribute 'update_revealed' https://bugzilla.redhat.com/show_bug.cgi?id=1459980 [ 4 ] Bug #1452696 - [abrt] cinnamon-screensaver: framedImage.py:75:generate_image:UnboundLocalError: local variable 'pixbuf' referenced before assignment https://bugzilla.redhat.com/show_bug.cgi?id=1452696 [ 5 ] Bug #1446057 - [abrt] cinnamon-screensaver-3.2.14-0.4: Process /usr/libexec/cinnamon-screensaver-pam-helper was killed by signal 11 (SIGSEGV) https://bugzilla.redhat.com/show_bug.cgi?id=1446057 [ 6 ] Bug #1461426 - Schema provided by cinnamon-settings-daemon conflicts with one from gnome-settings-daemon https://bugzilla.redhat.com/show_bug.cgi?id=1461426 -------------------------------------------------------------------------------- ================================================================================ cinnamon-desktop-3.4.2-1.fc25 (FEDORA-2017-4349ca6a71) Shared code among cinnamon-session, nemo, etc -------------------------------------------------------------------------------- Update Information: ............... ---- Bug fix -------------------------------------------------------------------------------- References: [ 1 ] Bug #1463445 - cinnamon-themes-2017.06.20 is available https://bugzilla.redhat.com/show_bug.cgi?id=1463445 [ 2 ] Bug #1398991 - Desktop Icons disappearing if position changed and stored on file ~/.config/nemo/desktop-metadata https://bugzilla.redhat.com/show_bug.cgi?id=1398991 [ 3 ] Bug #1459980 - [abrt] cinnamon-screensaver: stage.py:401:after_power_state_changed:AttributeError: 'NoneType' object has no attribute 'update_revealed' https://bugzilla.redhat.com/show_bug.cgi?id=1459980 [ 4 ] Bug #1452696 - [abrt] cinnamon-screensaver: framedImage.py:75:generate_image:UnboundLocalError: local variable 'pixbuf' referenced before assignment https://bugzilla.redhat.com/show_bug.cgi?id=1452696 [ 5 ] Bug #1446057 - [abrt] cinnamon-screensaver-3.2.14-0.4: Process /usr/libexec/cinnamon-screensaver-pam-helper was killed by signal 11 (SIGSEGV) https://bugzilla.redhat.com/show_bug.cgi?id=1446057 [ 6 ] Bug #1461426 - Schema provided by cinnamon-settings-daemon conflicts with one from gnome-settings-daemon https://bugzilla.redhat.com/show_bug.cgi?id=1461426 -------------------------------------------------------------------------------- ================================================================================ cinnamon-screensaver-3.4.1-1.fc25 (FEDORA-2017-4349ca6a71) Cinnamon Screensaver -------------------------------------------------------------------------------- Update Information: ............... ---- Bug fix -------------------------------------------------------------------------------- References: [ 1 ] Bug #1463445 - cinnamon-themes-2017.06.20 is available https://bugzilla.redhat.com/show_bug.cgi?id=1463445 [ 2 ] Bug #1398991 - Desktop Icons disappearing if position changed and stored on file ~/.config/nemo/desktop-metadata https://bugzilla.redhat.com/show_bug.cgi?id=1398991 [ 3 ] Bug #1459980 - [abrt] cinnamon-screensaver: stage.py:401:after_power_state_changed:AttributeError: 'NoneType' object has no attribute 'update_revealed' https://bugzilla.redhat.com/show_bug.cgi?id=1459980 [ 4 ] Bug #1452696 - [abrt] cinnamon-screensaver: framedImage.py:75:generate_image:UnboundLocalError: local variable 'pixbuf' referenced before assignment https://bugzilla.redhat.com/show_bug.cgi?id=1452696 [ 5 ] Bug #1446057 - [abrt] cinnamon-screensaver-3.2.14-0.4: Process /usr/libexec/cinnamon-screensaver-pam-helper was killed by signal 11 (SIGSEGV) https://bugzilla.redhat.com/show_bug.cgi?id=1446057 [ 6 ] Bug #1461426 - Schema provided by cinnamon-settings-daemon conflicts with one from gnome-settings-daemon https://bugzilla.redhat.com/show_bug.cgi?id=1461426 -------------------------------------------------------------------------------- ================================================================================ cinnamon-session-3.4.1-1.fc25 (FEDORA-2017-4349ca6a71) Cinnamon session manager -------------------------------------------------------------------------------- Update Information: ............... ---- Bug fix -------------------------------------------------------------------------------- References: [ 1 ] Bug #1463445 - cinnamon-themes-2017.06.20 is available https://bugzilla.redhat.com/show_bug.cgi?id=1463445 [ 2 ] Bug #1398991 - Desktop Icons disappearing if position changed and stored on file ~/.config/nemo/desktop-metadata https://bugzilla.redhat.com/show_bug.cgi?id=1398991 [ 3 ] Bug #1459980 - [abrt] cinnamon-screensaver: stage.py:401:after_power_state_changed:AttributeError: 'NoneType' object has no attribute 'update_revealed' https://bugzilla.redhat.com/show_bug.cgi?id=1459980 [ 4 ] Bug #1452696 - [abrt] cinnamon-screensaver: framedImage.py:75:generate_image:UnboundLocalError: local variable 'pixbuf' referenced before assignment https://bugzilla.redhat.com/show_bug.cgi?id=1452696 [ 5 ] Bug #1446057 - [abrt] cinnamon-screensaver-3.2.14-0.4: Process /usr/libexec/cinnamon-screensaver-pam-helper was killed by signal 11 (SIGSEGV) https://bugzilla.redhat.com/show_bug.cgi?id=1446057 [ 6 ] Bug #1461426 - Schema provided by cinnamon-settings-daemon conflicts with one from gnome-settings-daemon https://bugzilla.redhat.com/show_bug.cgi?id=1461426 -------------------------------------------------------------------------------- ================================================================================ cinnamon-settings-daemon-3.4.2-1.fc25 (FEDORA-2017-4349ca6a71) The daemon sharing settings from CINNAMON to GTK+/KDE applications -------------------------------------------------------------------------------- Update Information: ............... ---- Bug fix -------------------------------------------------------------------------------- References: [ 1 ] Bug #1463445 - cinnamon-themes-2017.06.20 is available https://bugzilla.redhat.com/show_bug.cgi?id=1463445 [ 2 ] Bug #1398991 - Desktop Icons disappearing if position changed and stored on file ~/.config/nemo/desktop-metadata https://bugzilla.redhat.com/show_bug.cgi?id=1398991 [ 3 ] Bug #1459980 - [abrt] cinnamon-screensaver: stage.py:401:after_power_state_changed:AttributeError: 'NoneType' object has no attribute 'update_revealed' https://bugzilla.redhat.com/show_bug.cgi?id=1459980 [ 4 ] Bug #1452696 - [abrt] cinnamon-screensaver: framedImage.py:75:generate_image:UnboundLocalError: local variable 'pixbuf' referenced before assignment https://bugzilla.redhat.com/show_bug.cgi?id=1452696 [ 5 ] Bug #1446057 - [abrt] cinnamon-screensaver-3.2.14-0.4: Process /usr/libexec/cinnamon-screensaver-pam-helper was killed by signal 11 (SIGSEGV) https://bugzilla.redhat.com/show_bug.cgi?id=1446057 [ 6 ] Bug #1461426 - Schema provided by cinnamon-settings-daemon conflicts with one from gnome-settings-daemon https://bugzilla.redhat.com/show_bug.cgi?id=1461426 -------------------------------------------------------------------------------- ================================================================================ cloud-init-0.7.9-6.fc25 (FEDORA-2017-faae58b0d0) Cloud instance init scripts -------------------------------------------------------------------------------- Update Information: This update fixes bugs that prevented the fs_setup.cmd and package statements in cloud-config configurations from working. It also stops NetworkManager from clobbering DNS resolver settings set by cloud-config configuration. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1461959 - cloud-init should configure networkmanager to not manage /etc/resolv.conf https://bugzilla.redhat.com/show_bug.cgi?id=1461959 [ 2 ] Bug #1447708 - cloud-init package module fails with python NameError exception https://bugzilla.redhat.com/show_bug.cgi?id=1447708 -------------------------------------------------------------------------------- ================================================================================ cri-o-1.0.0.alpha.0-0.git5dcbdc0.fc25.2 (FEDORA-2017-320ac2b360) OCI-based implementation of Kubernetes Container Runtime Interface -------------------------------------------------------------------------------- Update Information: rebuilt for s390x -------------------------------------------------------------------------------- ================================================================================ curl-7.51.0-7.fc25 (FEDORA-2017-0f7cdf3e04) A utility for getting files from remote servers (FTP, HTTP, and others) -------------------------------------------------------------------------------- Update Information: - fix links to documentation of TLS cipher-suites (#1463532) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1463532 - section for --ciphers in the man page contains dead links https://bugzilla.redhat.com/show_bug.cgi?id=1463532 -------------------------------------------------------------------------------- ================================================================================ datagrepper-0.8.0-1.fc25 (FEDORA-2017-f8d0bde8b2) A webapp to query fedmsg history -------------------------------------------------------------------------------- Update Information: Latest upstream. Includes improved support for stomp-based backends and some theme/UI improvements. -------------------------------------------------------------------------------- ================================================================================ drupal8-8.3.4-1.fc25 (FEDORA-2017-0d636042ef) An open source content management platform -------------------------------------------------------------------------------- Update Information: * [8.3.4](https://www.drupal.org/project/drupal/releases/8.3.4) * [Drupal Core - Multiple Vulnerabilities - SA-CORE-2017-003](https://www.drupal.org/SA- CORE-2017-003) * [8.3.3](https://www.drupal.org/project/drupal/releases/8.3.3) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1459711 - drupal8-8.3.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=1459711 -------------------------------------------------------------------------------- ================================================================================ esptool-2.0-1.fc25 (FEDORA-2017-55960a2cfa) A utility to communicate with the ROM bootloader in Espressif ESP8266 -------------------------------------------------------------------------------- Update Information: New version 2.0 (#1425422) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1425422 - esptool-2.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1425422 -------------------------------------------------------------------------------- ================================================================================ flatpak-0.9.6-1.fc25 (FEDORA-2017-e9d4c821e2) Application deployment framework for desktop apps -------------------------------------------------------------------------------- Update Information: Update to 0.9.6 -------------------------------------------------------------------------------- ================================================================================ golang-github-godbus-dbus-3-0.7.git3725288.fc25 (FEDORA-2017-c0a03afee5) Go client bindings for D-Bus -------------------------------------------------------------------------------- Update Information: Fix support for s390x -------------------------------------------------------------------------------- References: [ 1 ] Bug #1463511 - update to a newer snapshot to include big endian fix https://bugzilla.redhat.com/show_bug.cgi?id=1463511 -------------------------------------------------------------------------------- ================================================================================ gtk3-3.22.16-1.fc25 (FEDORA-2017-77b1d08ef3) GTK+ graphical user interface library -------------------------------------------------------------------------------- Update Information: gtk+ 3.22.16 release with a number of bug fixes. For details, see https://mail.gnome.org/archives/ftp-release-list/2017-June/msg00064.html -------------------------------------------------------------------------------- ================================================================================ hyperrogue-9.4-1.n.fc25 (FEDORA-2017-e41c4c710f) An SDL roguelike in a non-euclidean world -------------------------------------------------------------------------------- Update Information: Update to new version and new upstream -------------------------------------------------------------------------------- References: [ 1 ] Bug #1442500 - hyperrogue-9.4n is available https://bugzilla.redhat.com/show_bug.cgi?id=1442500 -------------------------------------------------------------------------------- ================================================================================ kernel-4.11.6-201.fc25 (FEDORA-2017-d7bc1b3056) The Linux kernel -------------------------------------------------------------------------------- Update Information: The 4.11.6 update contains a number of important fixes across the tree, including the recently announced "stack clash" -------------------------------------------------------------------------------- References: [ 1 ] Bug #1461333 - CVE-2017-1000364 kernel: heap/stack gap jumping via unbounded stack allocations https://bugzilla.redhat.com/show_bug.cgi?id=1461333 -------------------------------------------------------------------------------- ================================================================================ libsndfile-1.0.28-3.fc25 (FEDORA-2017-708adeb9b6) Library for reading and writing sound files -------------------------------------------------------------------------------- Update Information: fix CVE-2017-6892 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1463326 - CVE-2017-6892 libsndfile: Information disclosure via aiff_read_chanmap() function https://bugzilla.redhat.com/show_bug.cgi?id=1463326 -------------------------------------------------------------------------------- ================================================================================ mingw-gdk-pixbuf-2.36.6-1.fc25 (FEDORA-2017-02706ffd28) MinGW Windows GDK Pixbuf library -------------------------------------------------------------------------------- Update Information: MinGW cross compiled gdk-pixbuf 2.36.6 release. -------------------------------------------------------------------------------- ================================================================================ mingw-glib2-2.50.3-1.fc25 (FEDORA-2017-57f52e8ceb) MinGW Windows GLib2 library -------------------------------------------------------------------------------- Update Information: MinGW cross compiled glib 2.50.3 release. -------------------------------------------------------------------------------- ================================================================================ mingw-gtk3-3.22.16-1.fc25 (FEDORA-2017-4876ffe83c) MinGW Windows GTK+ library -------------------------------------------------------------------------------- Update Information: MinGW cross compiled gtk+ 3.22.16 release. -------------------------------------------------------------------------------- ================================================================================ mint-y-icons-1.0.8-1.fc25 (FEDORA-2017-b1712a8a1a) The Mint-Y icon theme -------------------------------------------------------------------------------- Update Information: * New upstream release -------------------------------------------------------------------------------- References: [ 1 ] Bug #1463454 - mint-y-icons-1.0.8 is available https://bugzilla.redhat.com/show_bug.cgi?id=1463454 -------------------------------------------------------------------------------- ================================================================================ mutt-1.8.3-1.fc25 (FEDORA-2017-a173221d41) A text mode mail user agent -------------------------------------------------------------------------------- Update Information: update -------------------------------------------------------------------------------- References: [ 1 ] Bug #1457011 - mutt-1.8.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=1457011 -------------------------------------------------------------------------------- ================================================================================ nautilus-sendto-3.8.5-1.fc25 (FEDORA-2017-854c870354) Nautilus context menu for sending files -------------------------------------------------------------------------------- Update Information: * Add AppData to make it show up as a Files extension in Software * Fix crash when fast-content-type is unavailable * Updated translations -------------------------------------------------------------------------------- References: [ 1 ] Bug #1353282 - [abrt] nautilus-sendto: __strcmp_sse2_unaligned(): nautilus-sendto killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1353282 -------------------------------------------------------------------------------- ================================================================================ nemo-3.4.3-2.fc25 (FEDORA-2017-4349ca6a71) File manager for Cinnamon -------------------------------------------------------------------------------- Update Information: ............... ---- Bug fix -------------------------------------------------------------------------------- References: [ 1 ] Bug #1463445 - cinnamon-themes-2017.06.20 is available https://bugzilla.redhat.com/show_bug.cgi?id=1463445 [ 2 ] Bug #1398991 - Desktop Icons disappearing if position changed and stored on file ~/.config/nemo/desktop-metadata https://bugzilla.redhat.com/show_bug.cgi?id=1398991 [ 3 ] Bug #1459980 - [abrt] cinnamon-screensaver: stage.py:401:after_power_state_changed:AttributeError: 'NoneType' object has no attribute 'update_revealed' https://bugzilla.redhat.com/show_bug.cgi?id=1459980 [ 4 ] Bug #1452696 - [abrt] cinnamon-screensaver: framedImage.py:75:generate_image:UnboundLocalError: local variable 'pixbuf' referenced before assignment https://bugzilla.redhat.com/show_bug.cgi?id=1452696 [ 5 ] Bug #1446057 - [abrt] cinnamon-screensaver-3.2.14-0.4: Process /usr/libexec/cinnamon-screensaver-pam-helper was killed by signal 11 (SIGSEGV) https://bugzilla.redhat.com/show_bug.cgi?id=1446057 [ 6 ] Bug #1461426 - Schema provided by cinnamon-settings-daemon conflicts with one from gnome-settings-daemon https://bugzilla.redhat.com/show_bug.cgi?id=1461426 -------------------------------------------------------------------------------- ================================================================================ openvpn-2.4.3-1.fc25 (FEDORA-2017-0639fb1490) A full-featured SSL VPN solution -------------------------------------------------------------------------------- Update Information: Updates to the latest upstream OpenVPN 2.4.3, containing security updates for CVE-2017-7508, CVE-2017-7520 and CVE-2017-7521. This update also re-enables automatic restart of OpenVPN on the next updates. For this update, the restart needs to be done manually. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1463643 - CVE-2017-7508 CVE-2017-7520 CVE-2017-7521 CVE-2017-7522 openvpn: Multiple security issues fixed in OpenVPN 2.4.3 and 2.3.17 [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1463643 [ 2 ] Bug #1463647 - openvpn-2.4.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=1463647 -------------------------------------------------------------------------------- ================================================================================ pdc-client-1.2.0-3.fc25 (FEDORA-2017-08eb57707a) Console client for interacting with Product Definition Center -------------------------------------------------------------------------------- Update Information: Fix dependencies to pull in packages for correct Python version. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1463310 - None https://bugzilla.redhat.com/show_bug.cgi?id=1463310 [ 2 ] Bug #1463298 - None https://bugzilla.redhat.com/show_bug.cgi?id=1463298 -------------------------------------------------------------------------------- ================================================================================ perl-RDF-Trine-1.018-1.fc25 (FEDORA-2017-1b1e8fa38b) RDF Framework for Perl -------------------------------------------------------------------------------- Update Information: Updated to the latest version -------------------------------------------------------------------------------- References: [ 1 ] Bug #1463459 - perl-RDF-Trine-1.018 is available https://bugzilla.redhat.com/show_bug.cgi?id=1463459 -------------------------------------------------------------------------------- ================================================================================ perl-Term-Completion-1.00-10.fc25 (FEDORA-2017-6f3ff717a9) Read one line of user input, with convenience functions -------------------------------------------------------------------------------- Update Information: Fixed handling of spaces and tabs after the end of completed file -------------------------------------------------------------------------------- References: [ 1 ] Bug #1458244 - [PATCH] - improve perl-Term-Completion handling of spaces https://bugzilla.redhat.com/show_bug.cgi?id=1458244 -------------------------------------------------------------------------------- ================================================================================ perl-Type-Tiny-1.002001-1.fc25 (FEDORA-2017-3c70bc12c7) Tiny, yet Moo(se)-compatible type constraint -------------------------------------------------------------------------------- Update Information: -------------------------------------------------------------------------------- ================================================================================ php-aws-sdk3-3.30.0-1.fc25 (FEDORA-2017-37e68a0a4d) Amazon Web Services framework for PHP -------------------------------------------------------------------------------- Update Information: ## 3.30.0 - 2017-06-21 * `AwsDAX` - Amazon DynamoDB Accelerator (DAX) is a fully managed, highly available, in-memory cache for DynamoDB that delivers up to a 10x performance improvement - from milliseconds to microseconds - even at millions of requests per second. DAX does all the heavy lifting required to add in-memory acceleration to your DynamoDB tables, without requiring developers to manage cache invalidation, data population, or cluster management. * `AwsRoute53` - Amazon Route 53 now supports multivalue answers in response to DNS queries, which lets you route traffic approximately randomly to multiple resources, such as web servers. Create one multivalue answer record for each resource and, optionally, associate an Amazon Route 53 health check with each record, and Amazon Route 53 responds to DNS queries with up to eight healthy records. * `AwsSSM` - Adding hierarchy support to the SSM Parameter Store API. Added support tor tagging. New APIs: GetParameter - retrieves one parameter, DeleteParameters - deletes multiple parameters (max number 10), GetParametersByPath - retrieves parameters located in the hierarchy. Updated APIs: PutParameter - added ability to enforce parameter value by applying regex (AllowedPattern), DescribeParameters - modified to support Tag filtering. * `AwsWAF` - You can now create, edit, update, and delete a new type of WAF rule with a rate tracking component. ## 3.29.9 - 2017-06-20 * `AwsWorkDocs` - This release provides a new API to retrieve the activities performed by WorkDocs users. ## 3.29.8 - 2017-06-19 * `AwsOrganizations` - Improvements to Exception Modeling ## 3.29.7 - 2017-06-16 * `AwsBatch` - AWS Batch is now available in the ap-northeast-1 region. * `AwsXRay` - Add a response time histogram to the services in response of GetServiceGraph API. ## 3.29.6 - 2017-06-15 * `AwsEC2` - Adds API to describe Amazon FPGA Images (AFIs) available to customers, which includes public AFIs, private AFIs that you own, and AFIs owned by other AWS accounts for which you have load permissions. * `AwsECS` - Added support for cpu, memory, and memory reservation container overrides on the RunTask and StartTask APIs. * `AwsIoT` - Revert the last release: remove CertificatePem from DescribeCertificate API. * `AwsServiceCatalog` - Added ProvisioningArtifactSummaries to DescribeProductAsAdmin's output to show the provisioning artifacts belong to the product. Allow filtering by SourceProductId in SearchProductsAsAdmin for AWS Marketplace products. Added a verbose option to DescribeProvisioningArtifact to display the CloudFormation template used to create the provisioning artifact.Added DescribeProvisionedProduct API. Changed the type of ProvisionedProduct's Status to be distinct from Record's Status. New ProvisionedProduct's Status are AVAILABLE, UNDER_CHANGE, TAINTED, ERROR. Changed Record's Status set of values to CREATED, IN_PROGRESS, IN_PROGRESS_IN_ERROR, SUCCEEDED, FAILED. ## 3.29.5 - 2017-06-14 * `AwsApplicationAutoScaling` - Application Auto Scaling now supports automatic scaling of read and write throughput capacity for DynamoDB tables and global secondary indexes. * `AwsCloudDirectory` - Documentation update for Cloud Directory ## 3.29.4 - 2017-06-13 * `AwsConfigService` - With this release AWS Config supports the Amazon CloudWatch alarm resource type. ## 3.29.3 - 2017-06-12 * `AwsRDS` - API Update for RDS: this update enables copy-on-write, a new Aurora MySQL Compatible Edition feature that allows users to restore their database, and support copy of TDE enabled snapshot cross region. ## 3.29.2 - 2017-06-09 * `AwsOpsWorks` - Tagging Support for AWS OpsWorks Stacks ## 3.29.1 - 2017-06-08 * `AwsIoT` - In addition to using certificate ID, AWS IoT customers can now obtain the description of a certificate with the certificate PEM. * `AwsPinpoint` - Starting today Amazon Pinpoint adds SMS Text and Email Messaging support in addition to Mobile Push Notifications, providing developers, product managers and marketers with multi-channel messaging capabilities to drive user engagement in their applications. Pinpoint also enables backend services and applications to message users directly and provides advanced user and app analytics to understand user behavior and messaging performance. * `AwsRekognition` - API Update for AmazonRekognition: Adding RecognizeCelebrities API ## 3.29.0 - 2017-06-07 * `AwsCodeBuild` - Add support to APIs for privileged containers. This change would allow performing privileged operations like starting the Docker daemon inside builds possible in custom docker images. * `AwsGreengrass` - AWS Greengrass is software that lets you run local compute, messaging, and device state synchronization for connected devices in a secure way. With AWS Greengrass, connected devices can run AWS Lambda functions, keep device data in sync, and communicate with other devices securely even when not connected to the Internet. Using AWS Lambda, Greengrass ensures your IoT devices can respond quickly to local events, operate with intermittent connections, and minimize the cost of transmitting IoT data to the cloud. ## 3.28.10 - 2017-06-06 * `AwsACM` - Documentation update for AWS Certificate Manager. * `AwsCloudFront` - Doc update to fix incorrect prefix in S3OriginConfig * `AwsIoT` - Update client side validation for SalesForce action. ## 3.28.9 - 2017-06-05 * `AwsAppStream` - AppStream 2.0 Custom Security Groups allows you to easily control what network resources your streaming instances and images have access to. You can assign up to 5 security groups per Fleet to control the inbound and outbound network access to your streaming instances to specific IP ranges, network protocols, or ports. * `AwsAutoScaling` - Autoscaling resource model update. * `AwsIoT` - Added Salesforce action to IoT Rules Engine. ## 3.28.8 - 2017-06-02 * `AwsKinesisAnalytics` - Kinesis Analytics publishes error messages CloudWatch logs in case of application misconfigurations * `AwsWorkDocs` - This release includes new APIs to manage tags and custom metadata on resources and also new APIs to add and retrieve comments at the document level. ## 3.28.7 - 2017-06-01 * `AwsCodeDeploy` - AWS CodeDeploy has improved how it manages connections to GitHub accounts and repositories. You can now create and store up to 25 connections to GitHub accounts in order to associate AWS CodeDeploy applications with GitHub repositories. Each connection can support multiple repositories. You can create connections to up to 25 different GitHub accounts, or create more than one connection to a single account. The ListGitHubAccountTokenNames command has been introduced to retrieve the names of stored connections to GitHub accounts that you have created. The name of the connection to GitHub used for an AWS CodeDeploy application is also included in the ApplicationInfo structure. Two new fields, lastAttemptedDeployment and lastSuccessfulDeployment, have been added to DeploymentGroupInfo to improve the handling of deployment group information in the AWS CodeDeploy console. Information about these latest deployments can also be retrieved using the GetDeploymentGroup and BatchGetDeployment group requests. Also includes a region update (us-gov- west-1). * `AwsCognitoIdentityProvider` - Added support within Amazon Cognito User Pools for 1) a customizable hosted UI for user sign up and sign in and 2) integration of external identity providers. * `AwsElasticLoadBalancingv2` - Update the existing DescribeRules API to support pagination. * `AwsLexModelBuildingService` - Updated documentation and added examples for Amazon Lex Runtime Service. ## 3.28.6 - 2017-05-31 * `AwsRDS` - Amazon RDS customers can now easily and quickly stop and start their DB instances. ## 3.28.5 - 2017-05-30 * `AwsCloudDirectory` - Cloud Directory has launched support for Typed Links, enabling customers to create object-to-object relationships that are not hierarchical in nature. Typed Links enable customers to quickly query for data along these relationships. Customers can also enforce referential integrity using Typed Links, ensuring data in use is not inadvertently deleted. * `AwsS3` - New example snippets for Amazon S3. * `AwsS3` - S3 calls are now done with a host style URL by default. Options for path style on the client and command levels are available as `use_path_style_endpoint` and `@use_path_style_endpoint`, respectively. [More details on the differences between the styles can be found here.](http://docs.aws.amazon.com/AmazonS3/latest/dev/UsingBucket.html#access- bucket-intro) ## 3.28.4 - 2017-05-25 * `AwsAppStream` - Support added for persistent user storage, backed by S3. * `AwsRekognition` - Updated the CompareFaces API response to include orientation information, unmatched faces, landmarks, pose, and quality of the compared faces. ## 3.28.3 - 2017-05-24 * `AwsIAM` - The unique ID and access key lengths were extended from 32 to 128 * `AwsSTS` - The unique ID and access key lengths were extended from 32 to 128. * `AwsStorageGateway` - Two Storage Gateway data types, Tape and TapeArchive, each have a new response element, TapeUsedInBytes. This element helps you manage your virtual tapes. By using TapeUsedInBytes, you can see the amount of data written to each virtual tape. ## 3.28.2 - 2017-05-23 * `AwsDatabaseMigrationService` - This release adds support for using Amazon S3 and Amazon DynamoDB as targets for database migration, and using MongoDB as a source for database migration. For more information, see the AWS Database Migration Service documentation. ## 3.28.1 - 2017-05-22 * `AwsResourceGroupsTaggingAPI` - You can now specify the number of resources returned per page in GetResources operation, as an optional parameter, to easily manage the list of resources returned by your queries. * `AwsSQS` - MD5 Validation of `MessageAttributes` is now being performed on `ReceiveMessage` calls. SQS uses a custom encoding for generating the hash input, [details on that scheme are available here.](http://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide /sqs-message-attributes.html#sqs-attrib-md5) ## 3.28.0 - 2017-05-18 * `AwsAthena` - This release adds support for Amazon Athena. Amazon Athena is an interactive query service that makes it easy to analyze data in Amazon S3 using standard SQL. Athena is serverless, so there is no infrastructure to manage, and you pay only for the queries that you run. * `AwsLightsail` - This release adds new APIs that make it easier to set network port configurations on Lightsail instances. Developers can now make a single request to both open and close public ports on an instance using the PutInstancePublicPorts operation. ## 3.27.5 - 2017-05-17 * `AwsAutoScaling` - Various Auto Scaling documentation updates * `AwsCloudWatchEvents` - Various CloudWatch Events documentation updates. * `AwsCloudWatchLogs` - Various CloudWatch Logs documentation updates. * `AwsPolly` - Amazon Polly adds new German voice "Vicki" ## 3.27.4 - 2017-05-16 * `AwsCodeDeploy` - This release introduces the previousRevision field in the responses to the GetDeployment and BatchGetDeployments actions. previousRevision provides information about the application revision that was deployed to the deployment group before the most recent successful deployment. Also, the fileExistsBehavior parameter has been added for CreateDeployment action requests. In the past, if the AWS CodeDeploy agent detected files in a target location that weren't part of the application revision from the most recent successful deployment, it would fail the current deployment by default. This new parameter provides options for how the agent handles these files: fail the deployment, retain the content, or overwrite the content. * `AwsGameLift` - Allow developers to specify how metrics are grouped in CloudWatch for their GameLift fleets. Developers can also specify how many concurrent game sessions activate on a per-instance basis. * `AwsInspector` - Adds ability to produce an assessment report that includes detailed and comprehensive results of a specified assessment run. * `AwsKMS` - Update documentation for KMS. ## 3.27.3 - 2017-05-15 * `AwsSSM` - UpdateAssociation API now supports updating document name and targets of an association. GetAutomationExecution API can return FailureDetails as an optional field to the StepExecution Object, which contains failure type, failure stage as well as other failure related information for a failed step. ## 3.27.2 - 2017-05-11 * `AwsElasticLoadBalancing` - Add a new API to allow customers to describe their account limits, such as load balancer limit, target group limit etc. * `AwsElasticLoadBalancingv2` - Add a new API to allow customers to describe their account limits, such as load balancer limit, target group limit etc. * `AwsLexModelBuildingService` - Releasing new DeleteBotVersion, DeleteIntentVersion and DeleteSlotTypeVersion APIs. * `AwsOrganizations` - AWS Organizations APIs that return an Account object now include the email address associated with the account's root user. ## 3.27.1 - 2017-05-09 * `AwsCodeStar` - Updated documentation for AWS CodeStar. * `AwsWorkSpaces` - Doc-only Update for WorkSpaces -------------------------------------------------------------------------------- References: [ 1 ] Bug #1449422 - php-aws-sdk3-3.30.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1449422 -------------------------------------------------------------------------------- ================================================================================ php-horde-Horde-Image-2.5.0-1.fc25 (FEDORA-2017-cfd8b2bb23) Horde Image API -------------------------------------------------------------------------------- Update Information: **Horde_Image 2.5.0** * [mjr] **SECURITY**: Prevent DOS attack by preventing an infinite loop in certain conditions (CVE-2017-9773, reported by Fariskhi Vidyan). * [mjr] **SECURITY**: Prevent RCE attacks by properly sanitizing shell arguments (CVE-2017-9774, reported by Fariskhi Vidyan). * [jan] Add blur effect. -------------------------------------------------------------------------------- ================================================================================ php-pecl-xdebug-2.5.5-1.fc25 (FEDORA-2017-963ea5323f) PECL package for debugging PHP scripts -------------------------------------------------------------------------------- Update Information: Wed, Jun 21, 2017 - **xdebug 2.5.5** - Fixed issue #1439: TYPE_CHECK needs overloading due to smart branches - Fixed issue #1444: Code Coverage misses a variable in a multi-line function call - Fixed issue #1446: Code Coverage misses elseif if it uses an isset with a property -------------------------------------------------------------------------------- ================================================================================ python-argh-0.26.1-5.fc25 (FEDORA-2017-80e53f76b9) Unobtrusive argparse wrapper with natural syntax -------------------------------------------------------------------------------- Update Information: * Adapt spec-file to recent guidelines * Initial build for EPEL 7 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1181845 - Request for EPEL7 build of python-argh https://bugzilla.redhat.com/show_bug.cgi?id=1181845 -------------------------------------------------------------------------------- ================================================================================ python-datanommer-consumer-0.8.0-1.fc25 (FEDORA-2017-f8d0bde8b2) Hub consumer plugin for datanommer -------------------------------------------------------------------------------- Update Information: Latest upstream. Includes improved support for stomp-based backends and some theme/UI improvements. -------------------------------------------------------------------------------- ================================================================================ python-datanommer-models-0.8.0-1.fc25 (FEDORA-2017-f8d0bde8b2) SQLAlchemy models for datanommer -------------------------------------------------------------------------------- Update Information: Latest upstream. Includes improved support for stomp-based backends and some theme/UI improvements. -------------------------------------------------------------------------------- ================================================================================ python-fedimg-0.7.2-1.fc25 (FEDORA-2017-22fadfbfb9) Automatically upload Fedora Cloud images to cloud providers -------------------------------------------------------------------------------- Update Information: Updates to 0.7.2 ---- Updates to 0.7.1 ---- Change dependency fedfind to python2-fedfind -------------------------------------------------------------------------------- References: [ 1 ] Bug #1463975 - python-fedimg-0.7.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1463975 [ 2 ] Bug #1423753 - Cloud images on AWS account 125523088429 cannot be copied https://bugzilla.redhat.com/show_bug.cgi?id=1423753 [ 3 ] Bug #1459576 - python-fedimg-0.7.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1459576 [ 4 ] Bug #1371241 - python-fedimg-0.7 is available https://bugzilla.redhat.com/show_bug.cgi?id=1371241 -------------------------------------------------------------------------------- ================================================================================ rpmdeplint-1.3-2.fc25 (FEDORA-2017-46e3c100fe) Tool to find errors in RPM packages in the context of their dependency graph -------------------------------------------------------------------------------- Update Information: The main rpmdeplint package now has a versioned requirement on its python3-rpmdeplint package, to ensure they stay in sync (RHBZ#1462047) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1462047 - Upgrading rpmdeplint resulted in a version mismatch https://bugzilla.redhat.com/show_bug.cgi?id=1462047 -------------------------------------------------------------------------------- ================================================================================ skopeo-0.1.22-1.git5d24b67.fc25 (FEDORA-2017-69eb07f9da) Inspect Docker images and repositories on registries -------------------------------------------------------------------------------- Update Information: Improvements in usability and man pages. Updated to use latest containers/storage package and ship container storage config files. ---- Added storage.conf and man page to skopeo-containers. This config can be shared by all users of github.com:containers/storage ---- Release 0.1.20 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1380078 - skopeo-v0.1.20 is available https://bugzilla.redhat.com/show_bug.cgi?id=1380078 [ 2 ] Bug #1463654 - skopeo-v0.1.22 is available https://bugzilla.redhat.com/show_bug.cgi?id=1463654 -------------------------------------------------------------------------------- ================================================================================ sugar-speak-54-1.fc25 (FEDORA-2017-bcaaacf429) Speak for Sugar -------------------------------------------------------------------------------- Update Information: Release version 54 -------------------------------------------------------------------------------- ================================================================================ webkitgtk4-2.16.4-1.fc25 (FEDORA-2017-bff1b87765) GTK+ Web content engine library -------------------------------------------------------------------------------- Update Information: This update addresses the following vulnerabilities: * [CVE-2017-2538](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2538) Additional fixes: * Fix web process deadlock when seeking youtube videos. * Fix blob downloads. * Improve theme rendering performance when using GTK+ >= 3.20. * Fix positioning of popup menus in Wayland. * Fix several crashes and rendering issues. * Fix JavaScriptCore crashes on big-endian architectures -------------------------------------------------------------------------------- ================================================================================ xorgxrdp-0.2.2-1.fc25 (FEDORA-2017-a950603d15) Implementation of xrdp backend as Xorg modules -------------------------------------------------------------------------------- Update Information: This version includes: - RemoteFX codec bandwidth optimization when app redraws aggressively - Some cleanups ex. use const pointer, use more suitable variable types -------------------------------------------------------------------------------- References: [ 1 ] Bug #1437053 - xorgxrdp-0.2.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1437053 -------------------------------------------------------------------------------- _______________________________________________ test mailing list -- test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to test-leave@xxxxxxxxxxxxxxxxxxxxxxx
